Cryptocurrency {hardware} pockets supplier Ledger has clarified a current knowledge incident involving its e-commerce accomplice World-e.
World-e, a cross-border e-commerce platform built-in by Ledger in October 2023, skilled unauthorized entry to order knowledge in its info methods, which affected some Ledger clients.
Ledger advised Cointelegraph that the incident was restricted to World-e’s methods and didn’t contain a breach of Ledger’s platform or its {hardware} and software program.
“A number of the knowledge accessed as a part of this incident pertained to clients who made a purchase order on Ledger.com utilizing World-e as a Service provider of Document,” a spokesperson for Ledger mentioned.
Names and make contact with information leaked
In keeping with social media reviews, the World-e incident resulted within the publicity of some Ledger customers’ private info, together with names and make contact with particulars.
“We retained unbiased forensic specialists to conduct an investigation into the incident and have been capable of decide that some private knowledge to incorporate identify and make contact with info,” Ledger mentioned in a press release to affected clients, shared by customers on X.
Ledger highlighted that the breach didn’t result in entry to any cost info, together with cost card or checking account particulars, and that customers’ account credentials or passwords weren’t affected.
“We might additionally wish to remind you that World-e doesn’t maintain any delicate private knowledge — similar to gender, date of beginning or authorities ID numbers — to serve our clients,” the corporate added.
World-e doesn’t have entry to seed phrases
Ledger additionally reiterated that according to its wallets’ design and mission, Ledger merchandise are self-custodial, that means that solely the consumer has entry to the personal key or the seed phrase, which permits customers to entry their crypto holdings.
“World-e doesn’t have entry to your 24 phrases, blockchain steadiness, or any secrets and techniques associated to digital belongings,” Ledger mentioned in a press release to Cointelegraph, encouraging customers to be alert to any potential phishing campaigns.
Ledger mentioned it was not the one model whose buyer knowledge was affected. “The unauthorized get together gained entry to a World-e cloud-based info system containing shopper order knowledge from a number of manufacturers,” it said.
Ledger added that it continues to work with World-e to make sure impacted customers are notified and knowledgeable of steps they will take to guard their knowledge.
Associated: Faux MetaMask 2FA safety checks lure customers into sharing restoration phrases
The incident got here only a few months after Ledger warned customers of a phishing rip-off focusing on customers by bodily mail in October 2025.
The most recent incident affecting Ledger customers is certainly one of many current knowledge breaches focusing on personal consumer info throughout digital platforms, together with crypto providers. Earlier incidents have led to phishing assaults focusing on customers of main trade corporations similar to Coinbase, Binance and rival {hardware} pockets supplier Trezor.
Journal: How crypto legal guidelines modified in 2025 — and the way they’ll change in 2026